
Security Statement

At Safe Security, we make cyber risk an informed business decision.

As a pioneer in the “Cybersecurity and Digital Business Risk Quantification” space, Safe Security is enabling businesses to objectively measure and mitigate cyber risk across the enterprise. We are fundamentally changing how digital risk is managed with our ML Enabled API-First SAFE Platform, which aggregates automated signals across people, process, and technology, both for 1st and 3rd Party to dynamically predict the breach likelihood (SAFE Score) & $$ risk of an organization.

With security at the heart of everything we do, we go the extra mile to ensure that our customers' data is secure. We implement best-in-class, industry-leading security programs and measures to secure our cloud-based platforms and processes.

Our approach to security is based on the following objectives

01
Best-in-class SaaS product security
02
Satisfy customers' cloud security requirements
03
Fulfill industry security standards
04
Proactively identify security threats to the product
Compliance with Laws, Regulations, and Standards
SOC 2 Type 2
ISO 27001:2013
ISO 9001:2015
Data Security
SAFE is a cloud-based SaaS platform.
01
Data Centers
Our product - SAFE - and our customers’ data are hosted on the cloud hosting service, Amazon Web Services (AWS).

SAFE product and customers’ data can be hosted on any of the supported AWS regions worldwide. As a customer, when you sign up for SAFE, you are essentially allocated a tenant. As part of this process, you can select a region where the application data is stored. There are different types of data collected, processed, and managed by SAFE.

Refer to Data Residency in SAFE for more details.

Currently, SAFE is hosted in the following AWS regions:
[Image: SAFE AWS hosted regions]
02
Encryption of data
Data in transit

SAFE encrypts the customers’ data in transit over public networks using TLS 1.2 to protect it from unauthorized disclosure or modification.

Data at rest

SAFE encrypts the customers’ data at rest using the AES 256-bit AWS KMS key.

Key Management

SAFE uses AWS Key Management Service (KMS) for storing encryption keys. We allow our customers to provide their own AWS KMS key, and in such cases, key generation and management access remain entirely with the customer.

Securing the SAFE application
We follow a defense-in-depth approach wherein the application code undergoes a series of security assessments. The vulnerabilities are prioritized based on their severity and are addressed before the application is deployed to production. The activities that take place under the application security program are outlined below:
01
Secure Coding Practices
We at SAFE Securities, Inc. follow a rigorous, industry best-practice approach to secure our software development. We endeavor to provide a secure product with a continuous process of security testing and review. Our secure coding practices include:
  • Input Validation
  • Output Encoding
  • Cryptographic Practices
  • Session Management
  • Access Control
  • Authentication and Password Management
  • Error Handling and Logging
  • Communication Security
  • System Configuration
  • Database Security
  • File Management
  • Memory Management
02
Vulnerability Assessment & Penetration Testing
We perform continuous SAST and DAST scans of the product as part of our DevSecOps practices. Any vulnerabilities found during these scans or other vulnerability discovery activities are patched with the highest priority before the product's final release. In addition, our internal security team performs manual and automated testing of the application for business logic flaws before each release.
03
Production Infrastructure Security
The AWS production environment where SAFE is deployed undergoes continuous security assessment. Some key activities include:
  • Configuration assessment of all PaaS services
  • Daily Vulnerability Assessment scans
  • Continuous logs and alerts monitoring
  • Periodic patch management and access review
The production endpoints that are accessible over the internet undergo security assessments as a part of our ‘due diligence’ approach to ensure only essential services are allowed over the internet.
Third-Party Assessment

Third-party Security Assessment is performed using a 4-tier approach defined under Vendor Management Policy and Process. All third parties are categorized based on the area of focus and criticality of business. A questionnaire-based security assessment is performed for each third party, and the vendor is allowed only if the assessment report is found satisfactory.

In addition, we perform a Third-party Vendor Risk assessment for each third party using SAFE. The assessment includes digital attack surface discovery based on their domain name and assessment via 100+ automated Outside-In assessment controls for Email Security, Network Security, DNS Security, System Security, Application Security, Malware Servers, Breach Exposure, and more.

Securing Our Employees
01
Security awareness training
Cybersecurity is in our DNA. We continuously run security awareness and secure coding practice training campaigns to ensure that security is 'top of mind' and not 'an afterthought.'
02
Background verification of new recruits
We perform background verification for all new recruits, according to local laws.
Privacy Policy

We care about the privacy of your personal information. Click here to read our privacy policy.

Reporting Security Issues

We have implemented an easy process to report any bugs or security issues in our system. If you find any security issues, please write to us at [email protected] with all the related information.

If you are an existing customer, you can create a support ticket with all the necessary details.